I have a Comodo Domain Control Validated certificate from namecheap.com
According to namecheap customer support & ssl labs (http://bit.ly/1JYODhn) I have installed this certificate properly.
My problem is: The certificate throws a warning on Iphone 5 (ios - 7 & 8 and safari 7) . It should be noted the warning is not thrown on Desktops, or Iphone 6.
I have already verified my SSL Certificate Chain and there are no problems there. namecheap.com recommends I add my root certificate to the chain, I am not so sure of this since ssl labs says this is a problem.
Anyone know what setting IOS is so sensitive to in SSL installations?
Error from Apache Logs:
[Tue Apr 21 15:32:54 2015] [debug] ssl_engine_kernel.c(1924): OpenSSL: Exit: error in SSLv3 read client hello C
Related
How can I fix this on iOS using Swift? When I'm making a server request I get the following error:
The certificate for this server is invalid. You might be connecting to a server that is pretending to be “...” which could put your confidential information at risk.
You just need to install the certificates on the iOS simulators
From Charles Documentation:
Quit your iOS Simulator. Launch Charles and go to the Help menu.
Choose the "SSL Proxying > Install Charles Root Certificate in iOS
Simulators" item. This will install your Charles Root Certificate into
all of your iOS Simulators. Now when you start the iOS Simulator, you
should be able to access SSL websites with Charles using SSL Proxyin
You are most probably trying to connect to server with self-signed ssl certificate. iOS does not like it.
Take a look at this post as an example: Swift SSL error with self signed certificate.
Other possible issue is a proxy configuration with something like Charles behind it.
More details will maybe help to identify the root of the issue...
Here's what I did so far:
Install Charles on my mac
Connect mac and iPhone to same WiFi network
Charles->Proxy->SSL Proxy Settings. Enable for *
General->About->Certificate Trust Settings and enable full trust for the Charles Proxy certificate.
Charles->Help->Install Charles Root Certificate on a Mobile Device
Configure iPhone to proxy to IP provided in step 3.
And then when I try to go to safari on my Iphone I get a "connection lost" error and It's impossible to browse.
Any solutions ?
I'm on IOS 11.4
I used to have the same problem when SSL Proxying on iOS device then I changed to the following steps and it works:
Install Root Certificate on my mac
Configure Wifi Proxy on iOS device to Charles:
Server: 172.16.1.191
Port: 8888
Open Safari on iOS device:
Browse to chls.pro/ssl to download and install the certificate
Install Charles CA Certificate on your device:
iOS ≥ 10.3: Setting app > General > Profiles > Select Charles CA > Install
iOS ≥ 12.2: Setting app > Profiles Downloaded > Select Charles CA > Install
Trust Charles CA Certificate on your device:
Setting app > General > About > Certificate Trust Settings > Switch ON on Charles CA
Honestly, this is based on the iOS Setup Guide of an app named Proxyman. They have similar features like Charles but the UX is better I suppose. Anw, hope it helps :)
I had the same issue yesterday and spent a lot of time trying all possible solutions. But, what worked for me was restarting my router and do all these steps again.
Note: In case you are not able to download the certificate on your iOS device by going to Safari browser (chls.pro/ssl), you can download the certificate from the Charles app on your mac, save in local, then send it to your iOS device and install from there.
Path for the same in Charles app is - Help -> SSL Proxying -> Save Charles Root Certificate
Go to the Wifi setting, Configure Proxy under HTTP PROXY to Manual.
Provide the Server IP from Charles and Port to 8888.
Browse to chls.pro/ssl to download and install the certificate in your phone.
Refer to the answer here: Cannot see iOS simulator traffic with charles proxy
Ensure that ATS is present for debug builds.
Here's what I did so far:
1. Install Charles on my mac
2. Connect mac and iPhone to same WiFi network
3. Charles->Proxy->SSL Proxy Settings. Enable for *
4. Charles->Help->Install Charles Root Certificate on a Mobile Device
5. Configure iPhone to proxy to IP provided in step 3.
6. on iPhone, went to chls.pro/ssl and installed root certificate.
The iPhone web traffic shows in Charles, but is still ssl encrypted. What am I missing?
Go to General->About->Certificate Trust Settings and enable full trust for the Charles Proxy certificate.
I want to sign a Configuration Profile for my app which I am downloading from server and then installing it on my device, this is working perfectly for iOS version 7.0, 7.1, ... , 8.2 and for installing profile it is showing "Verified" status. But for iOS v. 8.3 and above while installing the profile is showing status as "Not Verified".
I am using certificate from https://www.apple.com/certificateauthority/ for ROOT I am using certificate name Apple Inc. Root Certificate and for Intermediate certificate I am using Apple IST CA 2 - G1 Certficate.
Any help would be appreciated.Thanks.
I'm experiencing an issue with my newly installed Xcode 7 where even after installing an SSL certificate on the iOS simulators through Charles (Help > SSL Proxying > Install Charles Root Certificate in iOS Simulators), and explicitly allowing the domain of the server I'm querying in Charles, any attempts to listen in on SSL traffic results in failed connection.
Charles reports the following error:
SSLHandshake: Remote host closed connection during handshake You may
need to configure your browser or application to trust the Charles
Root Certificate. See SSL Proxying in the Help menu.
Xcode console reports:
2015-09-23 11:29:44.173 Citifyd[8352:449043] Error in registration.
Error: Error Domain=NSCocoaErrorDomain Code=3010
"REMOTE_NOTIFICATION_SIMULATOR_NOT_SUPPORTED_NSERROR_DESCRIPTION"
UserInfo={NSLocalizedDescription=REMOTE_NOTIFICATION_SIMULATOR_NOT_SUPPORTED_NSERROR_DESCRIPTION}
2015-09-23 11:29:44.483 Citifyd[8352:449381]
NSURLSession/NSURLConnection HTTP load failed
(kCFStreamErrorDomainSSL, -9802) 2015-09-23 11:29:44.509
Citifyd[8352:449043] API ERRROR Error Domain=NSURLErrorDomain
Code=-1200 "An SSL error has occurred and a secure connection to the
server cannot be made."
Things worked fine in Xcode 6 under the same setup - anyone have any ideas?
I solved the issue based on this thread:
https://forums.developer.apple.com/thread/4988
iOS 9 (which the Xcode 7 emulators run) has stricter requirements for SSL transport - from user "Poets" in the above thread:
iOS 9 forces connections that are using HTTPS to be TLS 1.2 to avoid
recent vulnerabilities. In iOS 8 even unencrypted HTTP connections
were supported, so that older versions of TLS didn't make any problems
either. As a workaround, you can add this code snippet to your
Info.plist:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
This enables Charles to show you unencrypted traffic when using iOS 9 emulators. You'll likely want to disable this once you distribute your apps.